<?php
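	session_start();

	// Access control: this page reads and changes account data, so refuse to
	// run at all without an authenticated session. The original only carried
	// a TODO for this check and went straight to the queries.
	// NOTE(review): index.php is assumed to be the login/landing page (it is
	// the redirect target used elsewhere in this file) -- confirm.
	if(!isset($_SESSION['username']) || !is_string($_SESSION['username']) || $_SESSION['username'] === '')
	{
		header('Location: index.php');
		exit;
	}

	include('include/db_connect.php');

	// The username comes from the session, but it was originally supplied by a
	// user, so it is escaped before being placed in SQL (second-order injection).
	// NOTE(review): mysql_real_escape_string() is only reliable when the
	// connection charset was set with mysql_set_charset(); check db_connect.php.
	// The mysql_* extension is removed in PHP 7 -- migrate to mysqli/PDO
	// prepared statements.
	$sqlUsername = mysql_real_escape_string($_SESSION['username']);

	// Load the user's current address; it is cached in the session and shown
	// next to the address fields of the form further down.
	$getUsrAdres = mysql_query('SELECT postcode, straat_naam, huis_nummer, toevoeging, woonplaats FROM ADRES WHERE idADRES = (SELECT ADRES_idADRES FROM USER_DATA, USERNAME WHERE USERNAME.gebruikers_naam = "' . $sqlUsername . '" AND USER_DATA.USERNAME_idUSERNAME = USERNAME.idUSERNAME)');
	if(!$getUsrAdres)
	{
		// Keep database error details in the server log instead of the response.
		error_log('account: address lookup failed: ' . mysql_error());
		die("Query failed. Please try again later.");
	}
	$_SESSION['adres'] = mysql_fetch_array($getUsrAdres);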
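	// Handles the "Verander" (change) submission: an optional password change
	// followed by optional updates of the name and address fields. Only fields
	// that were filled in are written.
	//
	// Changes compared to the original:
	//  - Every value placed in SQL is passed through mysql_real_escape_string();
	//    the original concatenated $_POST and $_SESSION values directly into
	//    each statement.
	//  - Password and hash comparisons are strict. With "==" PHP compares
	//    numeric-looking strings as numbers, so "1e3" == "1000" and two
	//    different "0e..." MD5 digests compare equal.
	//  - The street field now updates straat_naam; it used to overwrite
	//    huis_nummer.
	//  - Database error text goes to the server log, not to the browser.
	//  - The cached $_SESSION['adres'] is refreshed after an address change so
	//    the form does not show stale values.
	//
	// NOTE(review): passwords are stored as unsalted MD5. That is kept here
	// only because the stored format is presumably shared with the login code;
	// migrate both to password_hash()/password_verify().
	// NOTE(review): no anti-CSRF token is verified for this state-changing POST.
	// NOTE(review): mysql_real_escape_string() relies on the connection charset
	// being set via mysql_set_charset(); mysql_* is removed in PHP 7, so plan a
	// move to mysqli/PDO prepared statements.
	if(isset($_POST['send']) && $_POST['send'] === 'Verander')
	{
		$check = false;
		$queryFailed = 'Query failed. Please try again later.';

		// Normalise the submitted fields: a missing or non-string value (for
		// example an array sent as password1[]) is treated as empty.
		$input = array();
		foreach(array('password1', 'password', 'password2', 'realname', 'middlename', 'lastname', 'street', 'nummer', 'add', 'post', 'place') as $fieldName)
		{
			$input[$fieldName] = (isset($_POST[$fieldName]) && is_string($_POST[$fieldName])) ? $_POST[$fieldName] : '';
		}

		$sqlUser = mysql_real_escape_string($_SESSION['username']);

		if($input['password1'] !== '')
		{
			// The current password must match the hash kept in the session.
			if(isset($_SESSION['password']) && md5($input['password1']) === $_SESSION['password'])
			{
				if($input['password'] !== '' && $input['password2'] !== '')
				{
					if($input['password'] === $input['password2'])
					{
						// md5() returns hex digits only, so the digest is safe to embed.
						$newHash = md5($input['password']);
						if(!mysql_query('UPDATE USERNAME SET wachtwoord = "' . $newHash . '" WHERE gebruikers_naam = "' . $sqlUser . '"'))
						{
							error_log('account: password update failed: ' . mysql_error());
							die($queryFailed);
						}
						$_SESSION['password'] = $newHash;
					}
					else
					{
						$check = true;
						echo '<script type="text/javascript">alert("De wachtwoorden komen niet overeen");</script>';
					}
				}
			}
			else
			{
				$check = true;
				echo '<script type="text/javascript">alert("Het ingevoerde huidige wachtwoord komt niet overeen met het huidige wachtwoord dat bij ons bekend is");</script>';
			}
		}
		elseif($input['password'] !== '' && $input['password2'] !== '')
		{
			// A new password was entered without the current one.
			$check = true;
			echo '<script type="text/javascript">alert("Voer ook het huidige wachtwoord in");</script>';
		}

		// Row selectors for the two tables, both keyed on the session username.
		$userDataWhere = 'USER_DATA.USERNAME_idUSERNAME = (SELECT USERNAME.idUSERNAME FROM USERNAME WHERE USERNAME.gebruikers_naam = "' . $sqlUser . '")';
		$adresWhere = 'idADRES = (SELECT ADRES_idADRES FROM USER_DATA, USERNAME WHERE USERNAME.gebruikers_naam = "' . $sqlUser . '" AND USER_DATA.USERNAME_idUSERNAME = USERNAME.idUSERNAME)';

		// Form field => (table, column, row selector). Table and column names
		// are fixed here and never taken from the request.
		$updates = array(
			'realname'   => array('USER_DATA', 'voornaam', $userDataWhere),
			'middlename' => array('USER_DATA', 'tussenvoegsel', $userDataWhere),
			'lastname'   => array('USER_DATA', 'achternaam', $userDataWhere),
			'street'     => array('ADRES', 'straat_naam', $adresWhere),
			'nummer'     => array('ADRES', 'huis_nummer', $adresWhere),
			'add'        => array('ADRES', 'toevoeging', $adresWhere),
			'post'       => array('ADRES', 'postcode', $adresWhere),
			'place'      => array('ADRES', 'woonplaats', $adresWhere),
		);

		$adresChanged = false;
		foreach($updates as $fieldName => $target)
		{
			if($input[$fieldName] === '')
			{
				continue;
			}
			$sql = 'UPDATE ' . $target[0] . ' SET ' . $target[1] . ' = "' . mysql_real_escape_string($input[$fieldName]) . '" WHERE ' . $target[2];
			if(!mysql_query($sql))
			{
				error_log('account: update of ' . $target[1] . ' failed: ' . mysql_error());
				die($queryFailed);
			}
			if($fieldName === 'realname')
			{
				// Stored raw; whoever prints it must escape it for HTML.
				$_SESSION['real_name'] = $input['realname'];
			}
			if($target[0] === 'ADRES')
			{
				$adresChanged = true;
			}
		}

		if($adresChanged)
		{
			// Re-read the address so the "Huidig" column reflects the update.
			$refreshed = mysql_query('SELECT postcode, straat_naam, huis_nummer, toevoeging, woonplaats FROM ADRES WHERE ' . $adresWhere);
			if($refreshed)
			{
				$_SESSION['adres'] = mysql_fetch_array($refreshed);
			}
		}

		if(!$check)
		{
			echo '<script type="text/javascript">alert("Uw gegevens zijn veranderd");</script>';
			unset($_POST['send']);
		}
	}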
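	// Account deactivation and status lookup.
	//
	// Changes compared to the original:
	//  - The deactivation request is handled BEFORE include/header.php, so the
	//    redirect header can still be sent, and the script stops after it.
	//    Originally the header was set after the include and execution
	//    continued with a destroyed session.
	//  - The session is emptied with $_SESSION = array(); unset($_SESSION)
	//    only removes the local variable binding.
	//  - The username is escaped before being placed in SQL.
	//  - The user-info query joins USER_DATA to USERNAME. Without the join
	//    condition it produced one row per USERNAME row, so a column coming
	//    from USERNAME could belong to a different account.
	//  - Database error text goes to the server log, not to the browser.
	//
	// NOTE(review): no anti-CSRF token is verified for the deactivation POST.
	// NOTE(review): mysql_real_escape_string() relies on the connection charset
	// being set via mysql_set_charset(); mysql_* is removed in PHP 7.
	$sqlUser = mysql_real_escape_string(isset($_SESSION['username']) ? $_SESSION['username'] : '');

	if(isset($_POST['del']) && $_POST['del'] === 'Deactiveer account')
	{
		$setUserInActive = mysql_query('UPDATE USERNAME SET status = "inact" WHERE gebruikers_naam = "' . $sqlUser . '"');
		if(!$setUserInActive)
		{
			error_log('account: deactivation failed: ' . mysql_error());
			die("Query failed. Please try again later.");
		}
		$statusResult = mysql_query('SELECT status FROM USERNAME WHERE gebruikers_naam = "' . $sqlUser . '"');
		if(!$statusResult)
		{
			error_log('account: status lookup failed: ' . mysql_error());
			die("Query failed. Please try again later.");
		}
		// Keep the stored status for the fallback rendering below.
		$status = mysql_result($statusResult, 0);

		// Log the user out.
		$_SESSION = array();
		session_destroy();

		if(!headers_sent())
		{
			header('Location: index.php');
			exit;
		}
		// Output has already started, so no redirect is possible; fall
		// through and let the page render its "inact" form instead.
	}
	else
	{
		$status = isset($_SESSION['status']) ? $_SESSION['status'] : null;
	}

	include('include/header.php');

	if($status == 'act')
	{
		// Current name data, shown next to the form fields further down.
		$fetch_user_info = mysql_query('SELECT voornaam, achternaam, tussenvoegsel, email FROM USER_DATA, USERNAME WHERE USERNAME.gebruikers_naam = "' . $sqlUser . '" AND USER_DATA.USERNAME_idUSERNAME = USERNAME.idUSERNAME');
		if(!$fetch_user_info)
		{
			error_log('account: user info lookup failed: ' . mysql_error());
			die("Query failed. Please try again later.");
		}

		$user_info = mysql_fetch_assoc($fetch_user_info);
	}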
	include 'include/menu.php';

	// Open the content wrappers and print the page heading.
	echo '<div id="main_content">', "<div id='super_main_content'>", "<h2>Accountbeheer</h2>";

	// Fetch the introductory text configured for the 'account' page.
	$descriptionSql = "SELECT `omschrijving` FROM `PAGINAOMSCHRIJVING` WHERE `naam_pagina` = 'account'";
	$descriptionResult = mysql_query($descriptionSql);
	if($descriptionResult === false)
	{
		die("Query failed. Please try again later.");
	}

	// NOTE(review): the text is printed without HTML escaping, so it is
	// presumably trusted, administrator-authored markup -- confirm who can
	// write to PAGINAOMSCHRIJVING.
	$welcomeText = mysql_result($descriptionResult, 0);
	echo $welcomeText;
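			// Active accounts get the account form and their order overview.
			//
			// Changes compared to the original:
			//  - Every database or session value printed into the page is
			//    HTML-escaped; names and address fields are user-editable and
			//    were echoed raw.
			//  - $_SERVER['PHP_SELF'] is escaped before use as the form action,
			//    because it reflects the request path.
			//  - The user id in the order query is cast to int; it was
			//    concatenated unquoted into the statement.
			//
			// NOTE(review): htmlspecialchars() is called without a charset so it
			// follows the PHP default; pass the page's real encoding explicitly
			// once that is confirmed.
			// NOTE(review): the form carries no anti-CSRF token, and the
			// "Annuleer" link changes state through a plain GET request.
			// annuleer.php and bestellingdetail.php are not visible here and
			// should verify that the order belongs to the logged-in user.
			if($status == 'act')
			{
				$current = array();
				foreach(array('voornaam', 'tussenvoegsel', 'achternaam') as $column)
				{
					$current[$column] = htmlspecialchars(isset($user_info[$column]) ? $user_info[$column] : '', ENT_QUOTES);
				}
				foreach(array('straat_naam', 'huis_nummer', 'postcode', 'toevoeging', 'woonplaats') as $column)
				{
					$current[$column] = htmlspecialchars(isset($_SESSION['adres'][$column]) ? $_SESSION['adres'][$column] : '', ENT_QUOTES);
				}
				$formAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);

				echo '<form name="submit" method="post" action="' . $formAction . '">
						<br>
						<h5>Verander wachtwoord:</h5>
						<table>
						<tr><td>Huidige wachtwoord: </td><td><input type="password" name="password1"></td><td></td></tr>
						<tr><td>Verander wachtwoord: </td><td><input type="password" name="password"></td><td></td></tr>
						<tr><td>Bevestig wachtwoord: </td><td><input type="password" name="password2"></td></tr>
						<tr><td>__________________</td></tr>
						<tr><td>Verander voornaam: </td><td><input type="text" name="realname"></td><td>Huidig: ' . $current['voornaam'] . '</td></tr>
						<tr><td>Verander tussenvoegsel: </td><td><input type="text" name="middlename"></td><td>Huidig: ' . $current['tussenvoegsel'] . '</td></tr>
						<tr><td>Verander achternaam: </td><td><input type="text" name="lastname"></td><td>Huidig: ' . $current['achternaam'] . '</td></tr>
						<tr><td>Verander straatnaam: </td><td><input type="text" name="street"></td><td>Huidig: ' . $current['straat_naam'] . '</td></tr>
						<tr><td>Verander huisnummer: </td><td><input type="text" name="nummer"></td><td>Huidig: ' . $current['huis_nummer'] . '</td></tr>
						<tr><td>Verander postcode: </td><td><input type="text" name="post"></td><td>Huidig: ' . $current['postcode'] . '</td></tr>
						<tr><td>Verander toevoeging: </td><td><input type="text" name="add"></td><td>Huidig: ' . $current['toevoeging'] . '</td></tr>
						<tr><td>Verander woonplaats: </td><td><input type="text" name="place"></td><td>Huidig: ' . $current['woonplaats'] . '</td></tr>
						<tr><td></td><td class="verander"><input type="submit" name="send" value="Verander"></td></tr>
						<tr><td></td><td class="verander"><input type="submit" name="del" value="Deactiveer account"></td></tr>
					</table>
				</form>';

				echo "<br><hr>";
				echo "<h2>Bestellingbeheer</h2>";

				// Orders of the logged-in user. The id is forced to an integer
				// because it sits unquoted in the WHERE clause.
				$orderUserId = isset($_SESSION['userID']) ? (int) $_SESSION['userID'] : 0;
				$select2 = "SELECT idBESTELLING,datum_geplaatst,datum_geannuleerd,datum_verzonden,bezorgtype,status ".
				           "FROM BESTELLING ".
				           "WHERE USERNAME_idUSERNAME = ".$orderUserId;
				$result2 = mysql_query($select2) or die("Kan niet uitvoeren") ;
				echo "<div class='clearthis'></div>";
				echo "<div class='clearthis'></div>";
				echo "<table class='account_bestelling'>";
				echo"<tr>";
				// Column headers: order number, created on, shipped on, status, details, cancel
				echo "<td>Bestelnummer</td><td>Gemaakt op</td><td>Verzonden op</td><td>Status</td><td>Details</td><td>Annuleren</td>";
				echo"</tr>";

				while($orders = mysql_fetch_assoc($result2)){
					// Escaped once per context: HTML for table cells, URL for query strings.
					$orderIdHtml = htmlspecialchars($orders['idBESTELLING'], ENT_QUOTES);
					$orderIdUrl = urlencode($orders['idBESTELLING']);

					echo "<tr>";
					echo "<td>".$orderIdHtml."</td><td>".htmlspecialchars($orders['datum_geplaatst'], ENT_QUOTES)."</td><td>".htmlspecialchars($orders['datum_verzonden'], ENT_QUOTES)."</td><td>".htmlspecialchars($orders['status'], ENT_QUOTES)."</td>";
					echo "<td><a href='bestellingdetail.php?bestelnr=".$orderIdUrl."'>Details</a></td>";

					echo "<td><a ";
					// Orders that are already cancelled get an inert link.
					if($orders['status'] != 'Geannuleerd'){
						echo "href='annuleer.php?annuleer=1&bestelnr=".$orderIdUrl."&action=0'";
					}
					else{
						echo "href='#'";
					}
					echo ">Annuleer</a></td>";
					echo"</tr>";
				}
				echo"</table>";
			}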
			// Deactivated accounts only get a button that posts back to the start page.
			if('inact' == $status)
			{
				echo '<form name="submit" method="post" action="index.php">
						<input type="submit" name="forward" value="Ga terug naar de begin pagina">
					  </form>';
			}

	// Close the content wrapper, emit the float-clearing spacer, then the footer.
	echo '</div>', '<div class="clearthis">&nbsp;</div>';

	include 'include/footer.php';
?>